Admin

Configure and operate identity, policy, and access controls for your Keycard deployment.

Admin is where teams configure and operate Keycard: identity, resource catalogs, access policy, roles, SSO, audit, deployment, and billing. It turns agent access from an ad hoc approval process into rules that enforce themselves.

With Admin, you can:

Write permit/forbid policies that evaluate every request, with safe rollback to any previous version
Bring your own IdP so users authenticate through Okta, Auth0, or Google
Assign roles scoped to the organization or individual zones
Install MCP servers and OAuth-protected APIs from the Catalog, all governed by your zone’s identity and policy layer
Gate administrative access behind your corporate SSO

Get Started

GET STARTED

Set up your identity provider, from app creation to first login.

Use Okta for Sign InCreate an Okta application and configure it as a provider in your Keycard zone

Use Auth0 for Sign InCreate an Auth0 application and configure it as a provider in your Keycard zone

Configuration

CONFIGURATION

Each admin area with setup steps and examples.

Access PoliciesIndividual permit/forbid rules and policy sets that control access across a zone

Identity ProvidersConnect your own OAuth 2.0 IdP for zone-level user authentication

Zone AuthenticationConfiguring zone authentication, inviting users, sign up, and troubleshooting

Roles & PermissionsOrganization and zone roles that control who can manage settings and resources

Single Sign-OnOIDC-based SSO for your team’s access to Keycard Console, with JIT provisioning

CatalogOne-click installs for popular MCP servers and OAuth-protected APIs - Gmail, GitHub, Slack, Notion, Stripe, and more

API Reference Terraform